注意:在生成 admin 客户端证书的目录来运行本部分的指令。
每一个 kubeconfig 都需要一个 Kuberntes API Server 地址。为了保证高可用,这里将使用 API Servers 前端外部负载均衡器的 IP 地址。
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
--region $(gcloud config get-value compute/region) \
--format 'value(address)')
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=ca.pem \
--embed-certs=true \
--server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443
kubectl config set-credentials admin \
--client-certificate=admin.pem \
--client-key=admin-key.pem
kubectl config set-context kubernetes-the-hard-way \
--cluster=kubernetes-the-hard-way \
--user=admin
kubectl config use-context kubernetes-the-hard-way
kubectl get componentstatuses
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-2 Healthy {"health": "true"}
etcd-0 Healthy {"health": "true"}
etcd-1 Healthy {"health": "true"}
NAME STATUS ROLES AGE VERSION
worker-0 Ready <none> 2m30s v1.18.6
worker-1 Ready <none> 2m30s v1.18.6
worker-2 Ready <none> 2m30s v1.18.6
